PATENT 

REMARKS 
Claims 1-102 are pending in the application. 
Claims 1-102 stand rejected. 

Claims 12, 42, 55, 62, 77, 85, 91 and 97 have been amended. 

Claims 103-106 have been added. 

Amendments to Drawings 

The Examiner objected to the drawings, specifically Fig. 1, for failing, in part, to conform 
to the Detailed Description. Fig. 1 has been amended to address these issues. No new matter has 
been included in Fig. 1 . 

Rejection of Claims under 35 U.S.C. $112 

Claims 55 and 62 stand rejected under 35 U.S.C. § 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
Applicant regards as the invention. Applicants have amended claims 55 and 62 to address these 
issues, and respectfully believe this rejection to be overcome thereby. 



Rejection of Claims under 35 U.S.C. $102 

Claims 1-14, 16, 19-28, 33-44, 46, 47 and 50-84 stand rejected under 35 U.S.C. § 102(b) 
as being anticipated by Coley et al., U.S. Patent No. 5,826,014. Applicants respectfully traverse 
this rejection. Applicants respectfully traverse this rejection. 
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With regard to claim 1 , Applicants respectfully submit that the Office Action 
misinterprets various of the claim limitations recited therein. For example, claim 1 recites, in 
pertinent part: 

said first communications program creates said second network 

connection to said second communications program through a first 
firewall program, 

said first firewall program prevents access to said first program initiated 

by said second program, and 
said second network connection is initiated by said first communications 

program ; and ..." (emphasis supplied) 

First, the Office Action equates the claimed network connections with a physical 
connection from one element to another. While such a physical connection is necessary to the 
claimed network connection, such a physical connection is not sufficient, taken alone, to 
establish the claimed network connection, because the claimed network connection implies a 
state of communications between two network elements. For example, if the definition used in 
the Office Action is taken to be correct, reciting "said first communications program creates said 
second network connection" and "said second network connection is initiated by said first 
communications program" make no sense, as the physical hardware would not be created or 
initiated by a software module. Because the claimed creation and initiation of network 
connections are an integral part of the claimed invention, Applicants respectfully assert that the 
mere existence of a physical connection does not anticipate the claimed network connection. 

Second, the rejection in the Office Action mischaracterizes the second and third 
limitations of the above quotation from claim 1. The firewall application of Coley comprises a 
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number of proxy agents that are assigned to investigate and handle an incoming access request. 
Using the characterization provided by the Office Action, such an incoming access request 
would be made from host computer 302. However, if the characterization provided by the Office 
Action is used, the access request would have to come from web server 322, which is not only 
incorrect, but counterintuitive. 

Moreover, one cannot equate Coley's proxy agents to the claimed first communications 
program, as is posited in the Office Action, because Coley's proxy agents do not "[ create ] ... [a] 
second network connection to [the] . . . second communications program " (emphasis supplied), as 
is recited in the portion of claim 1 quoted above. In the claimed invention, the claimed first 
communications program creates a network connection to the claimed second communications 
program. Even if Coley's proxy agents are equated to the claimed first communications 
program, which Applicants respectfully argue cannot be done, Coley's proxy agents do not 
create a network connection to the router in Coley (which the Office Action equates to the 
claimed second communications program). In fact, Coley's proxy agents only respond to an 
incoming access request from the public network described in Coley. (col. 8, line 62, through 
col. 9, line 3; col. 10, lines 35-55) Moreover, the only such action taken in response to this 
incoming access request is to initiate a connection request to the destination machine, (col. 10, 
lines 35-42) Thus, Coley does not anticipate a first communications program that creates a 
network connection to a second communications program, in the manner of the claimed 
invention. 

Applicants therefore respectfully assert that Coley fails to anticipated claim 1 . 
Applicants further respectfully assert that claim 33, which recites substantially similar limitations 
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claim 1, and claims 2-1 1 and 34-41, which depend therefrom, are also not anticipated by Coley, 
for at least the foregoing reasons. 

In a similar fashion, claim 12 now recites "said first communications program creates 
said second network connection . . .." As before, the Office Action incorrectly equates Coley's 
proxy agent with the claimed first communications program, and further incorrectly equates 
Coley's host with the claimed second program, leading to a problem similar to that noted in 
regard to claim 1, in that Coley's proxy agent does not and would not initiate a connection to the 
host in Coley. Applicants therefore respectfully assert that Coley fails to anticipated claim 12. 
Applicants further respectfully assert that claim 42, which now recites substantially similar 
limitations claim 12, and claims 13-14, 16, 43-44 and 46-47, which depend therefrom, are also 
not anticipated by Coley, for at least the foregoing reasons. 

In a similar fashion, claim 19 recites "said first communications program creates said 
second network connection to said second program . . .." As before, the Office Action incorrectly 
equates Coley's proxy agent with the claimed first communications program, and further 
incorrectly equates Coley's host with the claimed second program, leading to a problem similar 
to that noted in regard to claim 1, in that Coley's proxy agent does not and would not initiate a 
connection to the host in Coley. Applicants therefore respectfully assert that Coley fails to 
anticipated claim 1 9. Applicants further respectfully assert that claim 50, which recites 
substantially similar limitations claim 19, and claims 20-22 and 51-53, which depend therefrom, 
are also not anticipated by Coley, for at least the foregoing reasons. 

In a similar fashion, claim 23 recites "creating a second network connection from said 
first communications program to a second communications program . . .." As before, the Office 
Action incorrectly equates Coley's proxy agent with the claimed first communications program 
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and Coley's router with the claimed second communications program, leading to the problem 
noted in regard to claim 1, in that Coley's proxy agent does not and would not initiate a 
connection to the router in Coley. Applicants therefore respectfully assert that Coley fails to 
anticipated claim 12. Applicants further respectfully assert that claims 23-28, which depend 
therefrom, are also not anticipated by Coley, for at least the foregoing reasons. 

Although the Office Action states that claims 85 and 86 stand rejected, Applicants 
assume that it is intended that claims 85-102 stand rejected under 35 U.S.C. § 102(e) as being 
anticipated by Crichton et al., U.S. Patent No. 6,104,716. Applicants respectfully traverse this 
rejection. 

Independent claim 85, as well as independent claims 91 and 97, which closely parallel 
claim 85, have been amended to more clearly point out the distinctions between the claimed 
invention and Crichton. As an initial matter, as characterized in the Office Action and illustrated 
in the cited sections of Crichton, Crichton fails to teach first and second protocol daemons that 
are capable of creating network connections between themselves and other of the programs in 
Crichton's network configuration. More specifically, Applicants are unable to find anywhere in 
Crichton a teaching that Crichton's client end proxy and server end proxy are capable of opening 
a connection to anything other than a middle proxy. By contrast, the claimed first and second 
protocol daemons are capable of creating network connections between themselves and the 
claimed first and second programs, respectively (and in fact, perform this function in their 
operation). Thus, not only does Crichton fail to teach the claimed protocol daemons, Applicants 
are unable to find anywhere in Crichton a teaching an application that is capable of opening 
connections to the middle proxy and either of the client or server. 
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Applicants therefore respectfully assert that Crichton fails to anticipated claim 85. 
Applicants further respectfully assert that claims 91 and 97, which recite substantially similar 
limitations claim 85, and claims 86-90, 92-96 and 98-102, which depend therefrom, are also not 
anticipated by Crichton, for at least the foregoing reasons. 

Rejection of Claims under 35 U.S.C. §J03 

Claims 15, 17, 18, 45, 48 and 49 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Coley, in view of Minear et al., U.S. Patent No. 5,983,350 (Minear). 
Applicants respectfully traverse this rejection. 

As an initial matter, no motivation to combine the disclosures of Coley and Minear exists 
in either reference. Coley is directed to the use of proxy agents that protect an internal network 
by performing a number of "checks" on an incoming access request, (col. 9, line 3, through col. 
1 0, line 34) Minear describes the implementation of a firewall that provides a number of 
security levels, (col. 6, lines 41-62) Applicants respectfully submit that such operations would 
be duplicative of one another, were the two disclosures combined. The purpose of each 
methodology is to prevent unauthorized traffic from being communicated between network 
elements on either side of a firewall. In either case, once this objective has been achieved, there 
is no particular need to take further measures to either allow or prevent such communications, 
because the communications in question would have already been allowed or prevented. The 
fact that this objective is met using different techniques does not in any way imply that their 
capabilities would be somehow more desirable in combination, as taken separately. Thus, Coley 
and Minear would not be expected to, and indeed fail to show, teach or suggest their 
combination. 
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Moreover, Applicants respectfully submit that even if Coley and Minear were combined, 
the motivation for which Applicants respectfully maintain is lacking, such a combination fails to 
remedy the infirmities noted in regard to the rejections under 35 U.S.C. § 102(b), in that not all 
of the recited limitations are shown, taught or suggested by the combination of Coley and 
Minear, as discussed in connection with claims 12 and 42. Specifically, such a combination 
would still fail to teach a first communications program that creates a network connection to a 
second program, as discussed earlier. For at least the foregoing reasons, Applicants therefore 
respectfully assert that Coley and Minear fail to make obvious the claimed invention, as claimed 
in claims 15, 17, 18, 45, 48 and 49. 

Claims 29-32 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Coley, 
in view of Crichton. Applicants respectfully traverse this rejection. 

As an initial matter, no motivation to combine the disclosures of Coley and Crichton 
exists in either reference. Coley is directed to the use of proxy agents that protect an internal 
network by performing a number of "checks" on an incoming access request, (col. 9, line 3, 
through col 10, line 34) Crichton describes the implementation of a multiple proxy architecture 
that employs a middle proxy within a public network (e.g., the Internet) to allow communication 
between a client and server located in separate private networks connected to one another by the 
public network. (Fig. 4; col. 4, line 20, through col. 5, line 45) Applicants respectfully submit 
that such operations and architectural features would be duplicative, were the two disclosures 
combined. In effect, since Coley's host is coupled to the public network, which is in turn 
coupled to a server via a firewall, the arrangement in Coley simply represents the portion of 
Crichton's architecture (depicted in Fig. 4 therein) that includes Crichton's client, client end 
proxy, middle proxy, firewall, server end proxy and server, which are analogous to Coley's host, 
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router (router 304), router (router 308), firewall, proxy agent and server. Thus, adding Coley's 
disclosure would add little, if anything, to the disclosure of Crichton. 

Furthermore, the addition of Coley to Crichton would not provide any appreciable 
additional benefits. Crichton supports communications between the client and server disclosed 
therein, while offering both the client and server protection from unauthorized access via the use 
of firewalls. Coley supports communications between the client and server disclosed therein, 
while offering only the server protection from unauthorized access via the use of a firewall. 
Thus, Crichton gains nothing by the addition of Coley. 

In the converse, Coley gains nothing by the addition of Crichton. Because Coley is 
focused on access of a server on an internal network by a host on a public network, Coley fails to 
contemplate a host protected by a firewall. In fact, Coley is concerned with an environment in 
which an institutional service provider (ISP) allows public access to a portion of its network, and 
protects another portion of its network (the internal network) using a firewall that limits access to 
the internal network from the public network, to those parties having the appropriately-verified 
right to access the internal network, (col. 8, line 62, through col. 9, line 32) This allows a user 
to access the ISP's publicly accessible network, and, if the user is verified, to access the ISP's 
internal network. Thus, the public can be allowed access to the ISP's publicly accessible 
network, while employees can be allowed access to the ISP's publicly accessible network and 
internal network, regardless of the location from which they access the ISP. (col. 8, lines 27-54) 

Because Crichton is intended to prevent access by any host (allowing only access to the 
server through the middle proxy by clients supported by the middle proxy (col. 5, lines 9-16)), 
one of skill in the art would not have looked to Crichton to provide additional security to Coley's 
architecture, because doing so would defeat features important to Coley's architecture. 

-36- 

Serial No.: 09/456,692 



A further infirmity is the fact that while both Crichton's client end proxy and server end 
proxy are configured to initiate connections to network devices outside their respective private 
networks (Crichton, col. 5, lines 1-16), the proxy agents of Coley are only configured to initiate 
an access request to a destination machine within the internal network (Coley, col. 10, lines 35- 
42). Thus, the operation of Crichton's end proxies is the antithesis of that of Coley's proxy 
agents. The two disclosures approaches are therefore incompatible in this regard. Again, one of 
skill in the art would not be motivated to combine the two references to arrive at the claimed 
invention. 

Moreover, Applicants respectfully submit that even if Coley and Crichton were 
combined, the motivation for which Applicants respectfully maintain is lacking, such a 
combination fails to remedy the infirmities noted in regard to the rejections under 35 U.S.C. § 
102(b), in that not all of the recited limitations are shown, taught or suggested by the 
combination of Coley and Crichton, as discussed in connection with claim 23. Specifically, such 
a combination would still fail to teach "creating a second network connection from said first 
communications program to a second communications program," as discussed earlier. For at 
least the foregoing reasons, Applicants therefore respectfully assert that Coley and Crichton fail 
to make obvious the claimed invention, as claimed in claims 29-32. Moreover, Applicants 
respectfully submit that new claims 103-106, which reflect the limitations found in the original 
claims 29-32, are also allowable, for at least the foregoing reasons. 

In light of the foregoing, Applicants respectfully assert that claims 1-14, 16, 19-28, 33- 
44, 46-47 and 50-102 are not anticipated by any of the cited references. Applicants also 
respectfully assert that claims 15, 17, 18, 29-32, 45, 48 and 49, and new claims 103-106, are not 
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made obvious by the cited references, taken either alone or in permissible combination. 
Applicants therefore respectfully submit that claims 1-106 are in condition for allowance. 
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CONCLUSION 



In view ^tig^gBe/lSments and remarks set forth herein, the application is believed to be 
in condition for allowance and a notice to that effect is solicited. Nonetheless, should any issues 
remain that might be subject to resolution through a telephonic interview, the Examiner is invited 
to telephone the undersigned at 5 1 2-439-5080. 



I hereby certify that this correspondence is being deposited with the 
United States Postal Service as First Class Mail in an envelope 
addressed to: Commissioner for Patents, P.O. Box 1450, Alexandria, 
VA 223 1 3-1 450, on December 5. 2003 . 




/ v Attorney for Applicants 



Date of Signature 



Respectfully submitted, 





Samuel G. Campbell, III 
Attorney for Applicants 
Reg. No. 42,381 
(512) 439-5084 (Phone) 
(512) 439-5099 (Fax) 
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DEC 1 1 2003 

Technology Center 210^ 
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